/** * test case for get_mac() functions */ void TestEthernet::tcGet_mac(void) { cout << "获取硬件地址:" << endl; char *interface_name = NULL; char *strRetValue = NULL; if(0 != get_mac(interface_name,strRetValue)) { cout << "interface_name : " << interface_name << endl; cout << "strRetValue : " << strRetValue << endl; } else { cout << "获取硬件地址失败!" << endl; } char interface_name1[] = "eth0"; char *strRetValue1 = NULL; if(0 != get_mac(interface_name1,strRetValue1)) { cout << "interface_name : " << interface_name1 << endl; cout << "strRetValue : " << strRetValue1 << endl; } else { cout << "获取硬件地址失败!" << endl; } char interface_name2[] = "lo"; char *strRetValue2 = NULL; if(0 != get_mac(interface_name2,strRetValue2)) { cout << "interface_name : " << interface_name2 << endl; cout << "strRetValue : " << strRetValue2 << endl; } else { cout << "获取硬件地址失败!" << endl; } }
static int cimod_init(void) { get_mac(&ci_module.mac_addr[0]); ci_module.running = 1; dprintf("client-interface module initialized!\n"); return 0; }
void send_connect_auth(char *cmd) { char *total_packg=NULL; char *userid; char *mac_data; char *ip_data; char ip_temp[40]; char *cuniqid; char uid_tmp[60]; char type[10]; unsigned char authbody_size; memset(uid_tmp,0,sizeof(char)*60); memset(type,0,sizeof(char)*10); memset(ip_temp,0,sizeof(char)*40); cuniqid= (char*)calloc(10,sizeof(char)); mac_data=(char*)calloc(30,sizeof(char)); ip_data=(char*)calloc(25,sizeof(char)); userid=(char*)calloc(60,sizeof(char)); if(!get_ip(ETH,ip_temp)) { DEBUG_printf("get ip error!\n"); } sprintf(ip_data,"IP=%s,",ip_temp); strcpy( userid,"UID="); #ifdef BB_BLACK strcat( userid,read_conf_by_type(bb_black_conf_dir,"api-uid",uid_tmp)); #endif // BB_BLACK #ifdef OPENWRT strcat( userid,read_luci_conf("user_id")); #endif // OPENWRT strcat( userid,","); sprintf(type,"TYPE=%d",MINERTYPE); authbody_size=strlen(gen_cuniqid(deal_package_cmd.pkg_nonce))+strlen(get_mac(mac_data,ETH))+strlen(ip_data)+strlen(userid)+strlen(type); send_head(cmd,authbody_size); total_packg=(char*)calloc((authbody_size+4),sizeof(char)); strcpy(total_packg,deal_package_cmd.pkg_nonce); strcat(total_packg,mac_data); strcat(total_packg,ip_data); strcat(total_packg,userid); strcat(total_packg,type); if ((sendbytes = senddata(ssl,sockfd,total_packg,authbody_size)) == -1) { perror("send"); //exit(1); } DEBUG_printf("send pakge str :%s\n",total_packg); free(mac_data); free(ip_data); free(userid); free(cuniqid); if(total_packg) free(total_packg); }
/* system dependent call to get IEEE node ID. This sample implementation generates a random node ID. */ INT32_T get_ieee_node_identifier(uuid_node_t *node) { if (get_mac(node->if_name,node->nodeID,6) == ERROR) { return ERROR; } return OK; }
unsigned long ENET_Configuration(void) { unsigned long res=0; unsigned short tmp; RCC_AHBPeriphClockCmd(RCC_AHBPeriph_ETH_MAC | RCC_AHBPeriph_ETH_MAC_Tx | RCC_AHBPeriph_ETH_MAC_Rx, ENABLE); ETH_DeInit(); get_mac(mac); ETH_MACAddressConfig(ETH_MAC_Address0, mac); GPIO_ETH_MediaInterfaceConfig(GPIO_ETH_MediaInterface_RMII); ETH_SoftwareReset(); while(ETH_GetSoftwareResetStatus()==SET) vTaskDelayUntil( &ExLastExecutionTime, ( portTickType ) 1 / portTICK_RATE_MS ); ETH_StructInit(Ð_InitStructure); ETH_InitStructure.ETH_AutoNegotiation = ETH_AutoNegotiation_Enable; ETH_InitStructure.ETH_Watchdog = ETH_Watchdog_Disable; ETH_InitStructure.ETH_Jabber = ETH_Jabber_Disable; ETH_InitStructure.ETH_JumboFrame = ETH_JumboFrame_Disable; ETH_InitStructure.ETH_InterFrameGap = ETH_InterFrameGap_64Bit; ETH_InitStructure.ETH_CarrierSense = ETH_CarrierSense_Enable; ETH_InitStructure.ETH_Speed = ETH_Speed_10M; ETH_InitStructure.ETH_ReceiveOwn = ETH_ReceiveOwn_Disable; ETH_InitStructure.ETH_LoopbackMode = ETH_LoopbackMode_Disable; ETH_InitStructure.ETH_Mode = ETH_Mode_FullDuplex; ETH_InitStructure.ETH_RetryTransmission = ETH_RetryTransmission_Disable; ETH_InitStructure.ETH_AutomaticPadCRCStrip = ETH_AutomaticPadCRCStrip_Disable; ETH_InitStructure.ETH_BackOffLimit = ETH_BackOffLimit_10; ETH_InitStructure.ETH_DeferralCheck = ETH_DeferralCheck_Disable; ETH_InitStructure.ETH_ReceiveAll = ETH_ReceiveAll_Enable; ETH_InitStructure.ETH_PassControlFrames = ETH_PassControlFrames_ForwardPassedAddrFilter; ETH_InitStructure.ETH_BroadcastFramesReception = ETH_BroadcastFramesReception_Disable; ETH_InitStructure.ETH_DestinationAddrFilter = ETH_DestinationAddrFilter_Normal; ETH_InitStructure.ETH_PromiscuousMode = ETH_PromiscuousMode_Disable; ETH_InitStructure.ETH_MulticastFramesFilter = ETH_MulticastFramesFilter_Perfect; ETH_InitStructure.ETH_UnicastFramesFilter = ETH_UnicastFramesFilter_Perfect; ETH_InitStructure.ETH_RxDMABurstLength = ETH_RxDMABurstLength_32Beat; ETH_InitStructure.ETH_TxDMABurstLength = ETH_TxDMABurstLength_32Beat; ETH_InitStructure.ETH_FlushReceivedFrame = ETH_FlushReceivedFrame_Enable; ETH_InitStructure.ETH_SecondFrameOperate = ETH_SecondFrameOperate_Enable; ETH_InitStructure.ETH_FixedBurst = ETH_FixedBurst_Enable; res = ETH_Init(Ð_InitStructure, PHY_ADDRESS); ETH_DMAITConfig(ETH_DMA_IT_NIS | ETH_DMA_IT_R | ETH_DMA_IT_T, ENABLE); for(tmp=0;tmp<ETH_RXBUFNB;tmp++) Rx_Buff[tmp] = (unsigned long)Ð_RX[tmp][0]; for(tmp=0;tmp<ETH_TXBUFNB;tmp++) Tx_Buff[tmp] = (unsigned long)Ð_TX[tmp][0]; ETH_DMATxDescChainInit(DMATxDscrTab, (unsigned char*)Tx_Buff, ETH_TXBUFNB); ETH_DMARxDescChainInit(DMARxDscrTab, (unsigned char*)Rx_Buff, ETH_RXBUFNB); for(tmp=0;tmp<ETH_RXBUFNB;tmp++){ETH_DMARxDescReceiveITConfig(DMARxDscrTab+tmp, ENABLE);} ETH_Start(); ETH_ResumeDMAReception(); return(res); }
/* Waits for authentication and association responses from the target AP */ static int process_authenticate_associate_resp(int want_assoc) { struct pcap_pkthdr header; unsigned char *packet; struct radio_tap_header *rt_header; struct dot11_frame_header *dot11_frame; struct authentication_management_frame *auth_frame; struct association_response_management_frame *assoc_frame; int ret_val = 0; start_timer(); while(!get_out_of_time()) { if((packet = next_packet(&header)) == NULL) break; if(header.len < MIN_AUTH_SIZE) continue; rt_header = (void*) radio_header(packet, header.len); size_t rt_header_len = end_le16toh(rt_header->len); dot11_frame = (void*)(packet + rt_header_len); if((memcmp(dot11_frame->addr3, get_bssid(), MAC_ADDR_LEN) != 0) || (memcmp(dot11_frame->addr1, get_mac(), MAC_ADDR_LEN) != 0)) continue; int isMgmtFrame = (dot11_frame->fc & end_htole16(IEEE80211_FCTL_FTYPE)) == end_htole16(IEEE80211_FTYPE_MGMT); if(!isMgmtFrame) continue; void *ptr = (packet + sizeof(struct dot11_frame_header) + rt_header_len); auth_frame = ptr; assoc_frame = ptr; int isAuthResp = (dot11_frame->fc & end_htole16(IEEE80211_FCTL_STYPE)) == end_htole16(IEEE80211_STYPE_AUTH); int isAssocResp = (dot11_frame->fc & end_htole16(IEEE80211_FCTL_STYPE)) == end_htole16(IEEE80211_STYPE_ASSOC_RESP); if(!isAuthResp && !isAssocResp) continue; if(isAuthResp && want_assoc) continue; /* Did we get an authentication packet with a successful status? */ if(isAuthResp && (auth_frame->status == end_htole16(AUTHENTICATION_SUCCESS))) { ret_val = AUTH_OK; break; } /* Did we get an association packet with a successful status? */ else if(isAssocResp && (assoc_frame->status == end_htole16(ASSOCIATION_SUCCESS))) { ret_val = ASSOCIATE_OK; break; } } return ret_val; }
int netdev_tap::recv_dev(UINT8 **buf) { int len; if(m_fd == -1) return 0; // exit if we didn't receive anything, got an error, got a broadcast or multicast packet, // are in promiscuous mode or got a packet with our mac. do { len = read(m_fd, m_buf, sizeof(m_buf)); } while((len > 0) && memcmp(get_mac(), m_buf, 6) && !get_promisc() && !(m_buf[0] & 1)); *buf = m_buf; return (len == -1)?0:len; }
/* Waits for authentication and association responses from the target AP */ int associate_recv_loop() { struct pcap_pkthdr header; const u_char *packet = NULL; struct radio_tap_header *rt_header = NULL; struct dot11_frame_header *dot11_frame = NULL; struct authentication_management_frame *auth_frame = NULL; struct association_response_management_frame *assoc_frame = NULL; int ret_val = 0, start_time = 0; start_time = time(NULL); while((time(NULL) - start_time) < ASSOCIATE_WAIT_TIME) { packet = next_packet(&header); if(packet == NULL) { break; } if(header.len >= MIN_AUTH_SIZE) { rt_header = (struct radio_tap_header *) radio_header(packet, header.len); dot11_frame = (struct dot11_frame_header *) (packet + rt_header->len); if((memcmp(dot11_frame->addr3, get_bssid(), MAC_ADDR_LEN) == 0) && (memcmp(dot11_frame->addr1, get_mac(), MAC_ADDR_LEN) == 0)) { if(dot11_frame->fc.type == MANAGEMENT_FRAME) { auth_frame = (struct authentication_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header->len); assoc_frame = (struct association_response_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header->len); /* Did we get an authentication packet with a successful status? */ if((dot11_frame->fc.sub_type == SUBTYPE_AUTHENTICATION) && (auth_frame->status == AUTHENTICATION_SUCCESS)) { ret_val = AUTH_OK; break; } /* Did we get an association packet with a successful status? */ else if((dot11_frame->fc.sub_type == SUBTYPE_ASSOCIATION) && (assoc_frame->status == ASSOCIATION_SUCCESS)) { ret_val = ASSOCIATE_OK; break; } } } } } return ret_val; }
static void upipe_iface_init(struct net_if *iface) { struct device *dev = net_if_get_device(iface); struct upipe_context *upipe = dev->driver_data; u8_t *mac = get_mac(dev); net_if_set_link_addr(iface, mac, 8, NET_LINK_IEEE802154); upipe_dev = dev; upipe->iface = iface; ieee802154_init(iface); }
void ndp_spoof(const u_char *bytes, size_t len) { struct ether *ether = NULL; struct ip6 *ip = NULL; struct icmp6 *icmp = NULL; struct icmp6_nd_ns *ns = NULL; char s1[INET6_ADDRSTRLEN], s2[INET6_ADDRSTRLEN]; struct packet *p = NULL; u_char *mac = NULL; ether = (struct ether *)bytes; ip = (struct ip6 *)(bytes + sizeof(struct ether)); if (ip->nxt == IP6_NXT_ICMP6) { icmp = (struct icmp6 *)(bytes + sizeof(struct ether) + sizeof(struct ip6)); } else { /* TODO */ fatal("no ICMPv6 packet!!! Skipping..."); return; } if (icmp->type == ICMP6_T_ND_NS) { mac = get_mac(iface); if (mac == NULL) return; if (memcmp(mac, ether->src, ETH_ADDR_LEN) == 0) { free(mac); return; } ns = (struct icmp6_nd_ns *)(bytes + sizeof(struct ether) + sizeof(struct ip6) + sizeof(struct icmp6)); bzero(s1, INET6_ADDRSTRLEN); inet_ntop(AF_INET6, ns->target, s1, INET6_ADDRSTRLEN); bzero(s2, INET6_ADDRSTRLEN); inet_ntop(AF_INET6, ip->src, s2, INET6_ADDRSTRLEN); printf("Spoofing %s with target %s\n", s2, s1); p = packet_init(); packet_add_ether(p, mac, ether->src, ETH_TYPE_IP6); packet_add_ip6(p, sizeof(struct icmp6) + sizeof(struct icmp6_nd_na), IP6_NXT_ICMP6, IP6_HLIM, ns->target, ip->src); packet_add_icmp6_nd_na(p, ICMP6_ND_NA_F_SOLICIT | ICMP6_ND_NA_F_OVERRIDE, ns->target); packet_send(iface, p); packet_free(p); free(mac); } }
int test_miscellany_net() { unsigned char mac_addr[6]; char ip_addr[100]; #if 0 get_mac((char *)"eth0",mac_addr, sizeof(mac_addr)); print_mac(mac_addr); get_local_ip((char *)"eth0",ip_addr); print_ipaddr(ip_addr); set_local_ip((char *)"eth0","192.168.20.182"); get_local_ip((char *)"eth0",ip_addr); print_ipaddr(ip_addr); dbg_str(DBG_DETAIL,"get local netmask"); get_local_netmask((char *)"eth0",ip_addr); print_ipaddr(ip_addr); dbg_str(DBG_DETAIL,"set local netmask"); set_local_netmask((char *)"eth0",(char *)"255.255.255.0"); get_local_netmask((char *)"eth0",ip_addr); print_ipaddr(ip_addr); dbg_str(DBG_DETAIL,"ip and str convert"); inet_str2num(AF_INET,(char *)"192.168.20.2"); inet_num2str(AF_INET,34908352,ip_addr); #endif #if 0 if(inet_is_in_same_subnet("192.168.2.32","eth0")) { /* *dbg_str(DBG_DETAIL,"this ip addr add local addr is in the same net"); */ } else { dbg_str(DBG_DETAIL,"this ip addr add local addr is not in the same net"); } #endif get_broadcast_addr("eth0", ip_addr); print_ipaddr(ip_addr); /* *char ip_addr2[100]; *set_broadcast_addr("eth0", "192.168.20.255"); *print_ipaddr(ip_addr2); */ return 0; }
//---------------------------------------------------------------------------------- static int secure_cmd_gain_mac(char *pSRC, int nDataLen, char *pOUT, int *pOUTLen) { int ret = -1; if((*pOUTLen < 6) || (NULL == pOUT)) return ret; char buf[128]; memset(buf, 0, 128); ret = get_mac(buf, FROM_KERNEL); if(ret == 0){ memcpy(pOUT, buf, CONFIG_EFUSE_MAC_DATA_SIZE); } return ret; }
void c_tun_device_windows::init() { _fact("Creating TUN/TAP (windows version)"); m_guid = get_device_guid(); _fact("GUID " << to_string(m_guid)); m_handle = get_device_handle(); m_stream_handle_ptr = std::make_unique<boost::asio::windows::stream_handle>(m_ioservice, m_handle); m_mac_address = get_mac(m_handle); m_buffer.fill(0); if (!m_stream_handle_ptr->is_open()) throw std::runtime_error("TUN/TAP stream handle open error"); _fact("Start reading from TUN"); m_stream_handle_ptr->async_read_some(boost::asio::buffer(m_buffer), boost::bind(&c_tun_device_windows::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); }
void netdev::recv(void *ptr, int param) { UINT8 *buf; int len; while((len = recv_dev(&buf))) { if(buf[0] & 1) { if(memcmp("\xff\xff\xff\xff\xff\xff", buf, 6) && !m_dev->mcast_chk(buf, len)) continue; } else if(memcmp(get_mac(), buf, 6) && !get_promisc()) continue; m_dev->recv_cb(buf, len); } }
int bluetooth_test(int mode) { int key; char show_buffer[50]; while (1) { lcd_clrscr(); lcd_disp_string(0, 0, " 蓝牙测试 "); lcd_disp_hline(0, 13, 128); lcd_disp_string(0, 16, "1.名称获取 2.MAC获取"); lcd_disp_string(0, 30, "3.获取状态 4.串口直连"); key = kb_get_key(0); switch (key) { case KEY_1: get_name(); break; case KEY_2: get_mac(); break; case KEY_3: get_bt_status(); break; case KEY_4: connect_uart(); break; case KEY_POUND: serial_write(CONFIG_BT_SERIAL_NUM, "AT+ADV\r\n", sizeof("AT+ADV\r\n"));//开启广播 serial_read(CONFIG_BT_SERIAL_NUM, show_buffer, 50, 300); break; case KEY_ASTERISK: serial_write(CONFIG_BT_SERIAL_NUM, "AT+DISC\r\n" , sizeof("AT+DISC\r\n" ));//断开连接 serial_read(CONFIG_BT_SERIAL_NUM, show_buffer, 50, 300); break; case KEY_ESC: serial_write(CONFIG_BT_SERIAL_NUM, "AT+DISC\r\n", sizeof("AT+DISC\r\n")); serial_read(CONFIG_BT_SERIAL_NUM, show_buffer, 30, 300); return 0; default: break; } } }
netdev_pcap::netdev_pcap(const char *name, class device_network_interface *ifdev, int rate) : netdev(ifdev, rate) { char errbuf[PCAP_ERRBUF_SIZE]; m_p = pcap_open_live_dl(name, 65535, 1, 1, errbuf); if(!m_p) { logerror("Unable to open %s: %s\n", name, errbuf); return; } if(pcap_set_datalink_dl(m_p, DLT_EN10MB) == -1) { logerror("Unable to set %s to ethernet", name); pcap_close_dl(m_p); m_p = NULL; return; } set_mac(get_mac()); }
int gost_imit_final(EVP_MD_CTX *ctx,unsigned char *md) { struct ossl_gost_imit_ctx *c = ctx->md_data; if (!c->key_set) { GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET); return 0; } if (c->bytes_left) { int i; for (i=c->bytes_left;i<8;i++) { c->partial_block[i]=0; } mac_block_mesh(c,c->partial_block); } get_mac(c->buffer,32,md); return 1; }
static bool init_ieee802154(void) { u16_t short_addr; SYS_LOG_INF("Initialize ieee802.15.4"); ieee802154_dev = device_get_binding(CONFIG_IEEE802154_CC2520_DRV_NAME); if (!ieee802154_dev) { SYS_LOG_ERR("Cannot get CC250 device"); return false; } radio_api = (struct ieee802154_radio_api *)ieee802154_dev->driver_api; /** * Do actual initialization of the chip */ get_mac(ieee802154_dev); #ifdef CONFIG_NET_SAMPLES_SETTINGS SYS_LOG_INF("Set panid %x channel %d", CONFIG_NET_SAMPLES_IEEE802154_PAN_ID, CONFIG_NET_SAMPLES_IEEE802154_CHANNEL); radio_api->set_pan_id(ieee802154_dev, CONFIG_NET_SAMPLES_IEEE802154_PAN_ID); radio_api->set_channel(ieee802154_dev, CONFIG_NET_SAMPLES_IEEE802154_CHANNEL); #endif /* CONFIG_NET_SAMPLES_SETTINGS */ /* Set short address */ short_addr = (mac_addr[0] << 8) + mac_addr[1]; radio_api->set_short_addr(ieee802154_dev, short_addr); /* Set ieee address */ radio_api->set_ieee_addr(ieee802154_dev, mac_addr); /* Start ieee802154 */ radio_api->start(ieee802154_dev); return true; }
extern std::string GetMac(zxy_request_context* ctx) { char mac[32] = {0}; char ip[32] = {0}; evhtp_request_t* req = ctx->request; int handle = init_arp_table_handle(); inet_ntop(AF_INET, &((struct sockaddr_in*)req->conn->saddr)->sin_addr, ip, sizeof(ip)); std::string realIp = zxy_get_http_header(ctx, "X-Real-Ip"); get_mac(handle, realIp.c_str(), "br-ra", mac, sizeof(mac)); release_arp_table_handle(handle); return mac; }
int init_core_driver(pci_dev_t pci, struct rtl_cfg *cfg) { struct device *dev = kalloc(sizeof (*dev)); if (dev == NULL) panic("No memory in init_core_driver!"); dev->dev_id = device_id_alloc(dev); dev_setup_driver(dev, rtl_rx_vfio, rtl_tx_vfio); cfg->device_id = dev->dev_id; struct netdev *netdev = kalloc(sizeof (*netdev)); netdev->dev = pci; netdev->rx_pull_handle = &rtl_rx_pull_dev; netdev->dev_id = dev->dev_id; netdev->frame_type = ETHERNET; netdev->poll_support = TRUE; netdev->device_data = cfg; get_mac(pci, netdev); rtl_setup_irq_handle(&rtl8168_irq_handler, netdev); register_net_dev(dev, netdev); }
int main(int argc, char *argv[]) { char mac[NET_MAC_LENGTH]; if (2 != argc) { printf("Invalid arguments, need interface name as argument\n"); return -1; } if (get_mac(argv[1], mac, sizeof(mac))) { printf("get mac address of %s failed\n", argv[1]); return -1; } printf("MAC Address: %s\n", mac); return 0; }
static int __init mv643xx_eth_add_pds(void) { unsigned char mac[ETH_ALEN]; int ret; get_mac(mac); #ifdef CONFIG_MV643XX_ETH_0 eth_mac_add(eth1_mac_addr, mac, 0); #endif #ifdef CONFIG_MV643XX_ETH_1 eth_mac_add(eth1_mac_addr, mac, 1); #endif #ifdef CONFIG_MV643XX_ETH_2 eth_mac_add(eth2_mac_addr, mac, 2); #endif ret = platform_add_devices(mv643xx_eth_pd_devs, ARRAY_SIZE(mv643xx_eth_pd_devs)); return ret; }
void osd_netdev::recv(void *ptr, int param) { UINT8 *buf; int len; //const char atalkmac[] = { 0x09, 0x00, 0x07, 0xff, 0xff, 0xff }; while((!m_stop) && (len = recv_dev(&buf))) { #if 0 if(buf[0] & 1) { if(memcmp("\xff\xff\xff\xff\xff\xff", buf, 6) && memcmp(atalkmac, buf, 6) && !m_dev->mcast_chk(buf, len)) continue; } else { //const unsigned char *ourmac = (const unsigned char *)get_mac(); //printf("our mac: %.2X:%.2X:%.2X:%.2X:%.2X:%.2X dst mac: %.2X:%.2X:%.2X:%.2X:%.2X:%.2X\n", ourmac[0], ourmac[1], ourmac[2], ourmac[3], ourmac[4], ourmac[5], buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]); if(memcmp(get_mac(), buf, 6) && !get_promisc()) continue; } #endif m_dev->recv_cb(buf, len); } }
int reaver_main(int argc, char **argv) { int ret_val = EXIT_FAILURE, r = 0; time_t start_time = 0, end_time = 0; struct wps_data *wps = NULL; globule_init(); init_default_settings(); fprintf(stderr, "\nReaver v%s WiFi Protected Setup Attack Tool\n", get_version()); fprintf(stderr, "Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <*****@*****.**>\n\n"); if(argc < 2) { ret_val = reaver_usage(argv[0]); goto end; } /* Process the command line arguments */ if(process_arguments(argc, argv) == EXIT_FAILURE) { ret_val = reaver_usage(argv[0]); goto end; } /* Double check reaver_usage */ if(!get_iface() || (memcmp(get_bssid(), NULL_MAC, MAC_ADDR_LEN) == 0)) { reaver_usage(argv[0]); goto end; } /* If no MAC address was provided, get it ourselves */ if(memcmp(get_mac(), NULL_MAC, MAC_ADDR_LEN) == 0) { if(!read_iface_mac()) { fprintf(stderr, "[-] Failed to retrieve a MAC address for interface '%s'!\n", get_iface()); goto end; } } /* Sanity checking on the message timeout value */ if(get_m57_timeout() > M57_MAX_TIMEOUT) { set_m57_timeout(M57_MAX_TIMEOUT); } else if(get_m57_timeout() <= 0) { set_m57_timeout(M57_DEFAULT_TIMEOUT); } /* Sanity checking on the receive timeout value */ if(get_rx_timeout() <= 0) { set_rx_timeout(DEFAULT_TIMEOUT); } /* Initialize signal handlers */ sigint_init(); sigalrm_init(); /* Mark the start time */ start_time = time(NULL); /* Do it. */ crack(); /* Mark the end time */ end_time = time(NULL); /* Check our key status */ if(get_key_status() == KEY_DONE) { wps = get_wps(); cprintf(VERBOSE, "[+] Pin cracked in %d seconds\n", (int) (end_time - start_time)); cprintf(CRITICAL, "[+] WPS PIN: '%s'\n", get_pin()); if(wps->key) cprintf(CRITICAL, "[+] WPA PSK: '%s'\n", wps->key); if(wps->essid) cprintf(CRITICAL, "[+] AP SSID: '%s'\n", wps->essid); /* Run user-supplied command */ if(get_exec_string()) { r = system(get_exec_string()); } ret_val = EXIT_SUCCESS; } else { cprintf(CRITICAL, "[-] Failed to recover WPA key\n"); } save_session(); end: globule_deinit(); return ret_val; }
/* * Processes incoming packets looking for EAP and WPS messages. * Responsible for stopping the timer when a valid EAP packet is received. * Returns the type of WPS message received, if any. */ enum wps_type process_packet(const u_char *packet, struct pcap_pkthdr *header) { struct radio_tap_header *rt_header = NULL; struct dot11_frame_header *frame_header = NULL; struct llc_header *llc = NULL; struct dot1X_header *dot1x = NULL; struct eap_header *eap = NULL; struct wfa_expanded_header *wfa = NULL; const void *wps_msg = NULL; size_t wps_msg_len = 0; enum wps_type type = UNKNOWN; struct wps_data *wps = NULL; if (packet == NULL || header == NULL) { return UNKNOWN; } else if (header->len < MIN_PACKET_SIZE) { return UNKNOWN; } /* Cast the radio tap and 802.11 frame headers and parse out the Frame Control field */ rt_header = (struct radio_tap_header *) packet; frame_header = (struct dot11_frame_header *) (packet + rt_header->len); /* Does the BSSID/source address match our target BSSID? */ if (memcmp(frame_header->addr3, get_bssid(), MAC_ADDR_LEN) == 0) { /* Is this a data packet sent to our MAC address? */ if (frame_header->fc.type == DATA_FRAME && frame_header->fc.sub_type == SUBTYPE_DATA && (memcmp(frame_header->addr1, get_mac(), MAC_ADDR_LEN) == 0)) { llc = (struct llc_header *) (packet + rt_header->len + sizeof (struct dot11_frame_header) ); /* All packets in our exchanges will be 802.1x */ if (llc->type == DOT1X_AUTHENTICATION) { dot1x = (struct dot1X_header *) (packet + rt_header->len + sizeof (struct dot11_frame_header) + sizeof (struct llc_header) ); /* All packets in our exchanges will be EAP packets */ if (dot1x->type == DOT1X_EAP_PACKET && (header->len >= EAP_PACKET_SIZE)) { eap = (struct eap_header *) (packet + rt_header->len + sizeof (struct dot11_frame_header) + sizeof (struct llc_header) + sizeof (struct dot1X_header) ); /* EAP session termination. Break and move on. */ if (eap->code == EAP_FAILURE) { cprintf(VERBOSE, "[!] EAP_FAILURE: TERMINATE\n"); type = TERMINATE; } /* If we've received an EAP request and then this should be a WPS message */ else if (eap->code == EAP_REQUEST) { /* The EAP header builder needs this ID value */ set_eap_id(eap->id); /* Stop the receive timer that was started by the last send_packet() */ stop_timer(); /* Check to see if we received an EAP identity request */ if (eap->type == EAP_IDENTITY) { /* We've initiated an EAP session, so reset the counter */ set_eapol_start_count(0); type = IDENTITY_REQUEST; } /* An expanded EAP type indicates a probable WPS message */ else if ((eap->type == EAP_EXPANDED) && (header->len > WFA_PACKET_SIZE)) { wfa = (struct wfa_expanded_header *) (packet + rt_header->len + sizeof (struct dot11_frame_header) + sizeof (struct llc_header) + sizeof (struct dot1X_header) + sizeof (struct eap_header) ); /* Verify that this is a WPS message */ if (wfa->type == SIMPLE_CONFIG) { wps_msg_len = (size_t) ntohs(eap->len) - sizeof (struct eap_header) - sizeof (struct wfa_expanded_header); wps_msg = (const void *) (packet + rt_header->len + sizeof (struct dot11_frame_header) + sizeof (struct llc_header) + sizeof (struct dot1X_header) + sizeof (struct eap_header) + sizeof (struct wfa_expanded_header) ); /* Save the current WPS state. This way if we get a NACK message, we can * determine what state we were in when the NACK arrived. */ wps = get_wps(); set_last_wps_state(wps->state); set_opcode(wfa->opcode); /* Process the WPS message and send a response */ type = process_wps_message(wps_msg, wps_msg_len); } } } } } } } return type; }
/* PMON passes arguments in C main() style */ void __init prom_init(void) { int argc = fw_arg0; char **arg = (char **) fw_arg1; char **env = (char **) fw_arg2; struct callvectors *cv = (struct callvectors *) fw_arg3; int i; #ifdef CONFIG_SERIAL_8250_CONSOLE // ja_setup_console(); /* The very first thing. */ #endif #ifdef CONFIG_64BIT char *ptr; printk("Mips64 Jaguar-ATX\n"); /* save the PROM vectors for debugging use */ debug_vectors = (struct callvectors *)signext((unsigned long)cv); /* arg[0] is "g", the rest is boot parameters */ arcs_cmdline[0] = '\0'; for (i = 1; i < argc; i++) { ptr = (char *)arg64((unsigned long)arg, i); if ((strlen(arcs_cmdline) + strlen(ptr) + 1) >= sizeof(arcs_cmdline)) break; strcat(arcs_cmdline, ptr); strcat(arcs_cmdline, " "); } i = 0; while (1) { ptr = (char *)arg64((unsigned long)env, i); if (! ptr) break; if (strncmp("gtbase", ptr, strlen("gtbase")) == 0) { marvell_base = simple_strtol(ptr + strlen("gtbase="), NULL, 16); if ((marvell_base & 0xffffffff00000000) == 0) marvell_base |= 0xffffffff00000000; printk("marvell_base set to 0x%016lx\n", marvell_base); } if (strncmp("cpuclock", ptr, strlen("cpuclock")) == 0) { cpu_clock = simple_strtol(ptr + strlen("cpuclock="), NULL, 10); printk("cpu_clock set to %d\n", cpu_clock); } i++; } printk("arcs_cmdline: %s\n", arcs_cmdline); #else /* CONFIG_64BIT */ /* save the PROM vectors for debugging use */ debug_vectors = cv; /* arg[0] is "g", the rest is boot parameters */ arcs_cmdline[0] = '\0'; for (i = 1; i < argc; i++) { if (strlen(arcs_cmdline) + strlen(arg[i] + 1) >= sizeof(arcs_cmdline)) break; strcat(arcs_cmdline, arg[i]); strcat(arcs_cmdline, " "); } while (*env) { if (strncmp("gtbase", *env, strlen("gtbase")) == 0) { marvell_base = simple_strtol(*env + strlen("gtbase="), NULL, 16); } if (strncmp("cpuclock", *env, strlen("cpuclock")) == 0) { cpu_clock = simple_strtol(*env + strlen("cpuclock="), NULL, 10); } env++; } #endif /* CONFIG_64BIT */ mips_machgroup = MACH_GROUP_MOMENCO; mips_machtype = MACH_MOMENCO_JAGUAR_ATX; #ifdef CONFIG_MV643XX_ETH /* get the base MAC address for on-board ethernet ports */ get_mac(prom_mac_addr_base); #endif }
void PmpComponentManager::endInitialization() { LOG4CPLUS_TRACE_METHOD(mLogger, __PRETTY_FUNCTION__ ); assert(mIpcProtocol); assert(mAmpClient); if (mInitializationDone) { LOG4CPLUS_WARN(mLogger, "Initialization done"); return; } mInitializationDone = true; if (!mIpcProtocol->connect()) { LOG4CPLUS_FATAL(mLogger, "Can't connect IPC protocol"); killProcess(1); } LOG4CPLUS_INFO(mLogger, "IPC protocol connected"); if (mSCMsg) { mSCMsg->requestConnected(); LOG4CPLUS_INFO(mLogger, "Sent request to SC"); } else { LOG4CPLUS_WARN(mLogger, "Started without SC connection possibility"); } bool res = false; for(int i=0; i<30; ++i) { LOG4CPLUS_INFO(mLogger, "Connecting to AMP..."); if (mAmpClient->connect()) { res = true; break; } usleep(250000); } if (!res) { LOG4CPLUS_FATAL(mLogger, "No AMP connection"); killProcess(1); } LOG4CPLUS_INFO(mLogger, "AMP connected"); char macAddr[13] = ""; bool mres = get_mac(macAddr); int mac = mres ? atoi(macAddr) : 0; srand(mac + time(NULL) + getpid()); negotiateRole(); if (-1 != mOtherRoleNumber) { onNegotiateRole(mOtherRoleNumber); } }
int open_interface(char *iname) { int i, j, x = 1; struct ifreq ifr; struct bpf_program fp; struct sockaddr_in baddr; char errbuf[PCAP_ERRBUF_SIZE], file[32], buf[256]; if (if_num >= IF_MAX - 1) process_error(EX_RES, "too many interfaces"); logd(LOG_DEBUG, "Trying to open interface: %s", iname); /* If we already have the interface, bind to the current server then */ for (i = 0; i < if_num; i++) { if (strcmp(ifs[i]->name, iname) == 0) { /* If the interface is already binded to this server * (appears twice). Ignore it. */ if (ifs[i]->srv_num != srv_num) { ifs[i]->srv_num++; ifs[i]->srvrs = realloc(ifs[i]->srvrs, ifs[i]->srv_num * sizeof(int)); ifs[i]->srvrs[ifs[i]->srv_num - 1] = srv_num - 1; } return 1; } } ifs[if_num] = malloc(sizeof(struct interface)); if (ifs[if_num] == NULL) process_error(EX_MEM, "malloc"); ifs[if_num]->idx = if_num; strlcpy(ifs[if_num]->name, iname, INTF_NAME_LEN); if (!get_mac(iname, (char *)ifs[if_num]->mac) || !get_ip(iname, &ifs[if_num]->ip, &ifs[if_num]->mask)) { free(ifs[if_num]); return 0; } ifs[i]->srv_num = 1; ifs[i]->srvrs = malloc(ifs[i]->srv_num * sizeof(int)); if (ifs[i]->srvrs == NULL) process_error(EX_MEM, "malloc"); ifs[i]->srvrs[0] = srv_num - 1; /* Looking for a free BPF device and open it */ for (j = 0; j < 255; j++) { snprintf(file, sizeof(file), "/dev/bpf%d", j); ifs[if_num]->bpf = open(file, O_WRONLY); if (ifs[if_num]->bpf != -1 || errno != EBUSY) break; } /* Bind BPF to an interface */ bzero(&ifr, sizeof(ifr)); strlcpy(ifr.ifr_name, iname, sizeof(ifr.ifr_name)); if (ioctl(ifs[if_num]->bpf, BIOCSETIF, (char *)&ifr) < 0) process_error(EX_RES, "Can't BIOCSETIF"); if ((ifs[if_num]->cap = pcap_open_live(iname, max_packet_size, 0, 100, errbuf)) == NULL) process_error(EX_RES, "pcap_open_live(%s): %s", iname, errbuf); if (pcap_compile(ifs[if_num]->cap, &fp, "udp and dst port bootps", 0, 0) < 0) process_error(EX_RES, "pcap_compile"); if (pcap_setfilter(ifs[if_num]->cap, &fp) < 0) process_error(EX_RES, "pcap_setfilter"); if ((ifs[if_num]->fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) process_error(EX_RES, "socket for listener at %s: %s", iname, strerror(errno)); if (setsockopt(ifs[if_num]->fd, SOL_SOCKET, SO_BROADCAST, (char *)&x, sizeof(x)) < 0) process_error(EX_RES, "setsockopt: SO_BROADCAST"); if (setsockopt(ifs[if_num]->fd, SOL_SOCKET, SO_REUSEADDR, (char *)&x, sizeof(x)) < 0) process_error(EX_RES, "setsockopt: SO_REUSEADDR"); bzero(&baddr, sizeof(baddr)); baddr.sin_family = AF_INET; baddr.sin_port = bootps_port; memcpy(&baddr.sin_addr.s_addr, &ifs[if_num]->ip, sizeof(ip_addr_t)); if (bind(ifs[if_num]->fd, (struct sockaddr *)&baddr, sizeof(baddr)) < 0) process_error(EX_RES, "bind: %s", strerror(errno)); logd(LOG_WARNING, "Listen at %s: %s/%s, %s", iname, print_ip(ifs[if_num]->ip, buf), print_ip(ifs[if_num]->mask, buf + 16), print_mac(ifs[if_num]->mac, buf + 32)); if_num++; return 1; }
bool cashierApp::OnInit() { try { flog.reset(new file_log_t("cashier.log", 10)); *flog << "start cashier"; } catch (...) { wxMessageBox(_("can't create log file")); wxExit(); return false; } try { *flog << "create xml_config_t"; config.reset(new xml_config_t("cashier.xml")); *flog << "successful"; if (config->get("app", "frac") == "") config->set("app", "frac", "2"); } catch (exception_t& ex) { *flog << ex.comp_message(); wxMessageBox(to_uc(ex.user_message())); wxExit(); return false; } catch (std::exception &ex) { *flog << LLOCATION; *flog << ex.what(); wxMessageBox(to_uc(ex.what())); wxExit(); return false; } catch (...) { *flog << "can't create config file"; wxMessageBox(_("can't create config file")); wxExit(); return false; } try { *flog << "create bag_spooler_t"; std::string server = config->get("bag_spooler", "server"); if (server == "") server = "cafeserv.ksi.ru"; bag_spooler.reset(new bag_spooler_t(server)); *flog << "successful"; } catch (std::exception& ex) { *flog << LLOCATION; *flog << ex.what(); wxMessageBox(to_uc(ex.what())); wxExit(); return false; } catch (...) { *flog << "can't create bag_spooler"; wxMessageBox(_("can't create bag_spooler")); wxExit(); return false; } try { *flog << "create xml_lang_t"; if (config->get("locale", "enable") == "1") { locale.reset(new ksi_cafe::xml_lang_t(config->get("locale", "file"), config->get("locale", "name"), "cashier")); shared_locale.reset(new ksi_cafe::xml_lang_t(config->get("locale", "file"), config->get("locale", "name"), "shared")); lang = 2; } else { locale.reset(new ksi_cafe::xml_lang_t()); shared_locale.reset(new ksi_cafe::xml_lang_t()); lang = 1; } *flog << "successful"; } catch (exception_t& ex) { *flog << ex.what(); locale.reset(new ksi_cafe::xml_lang_t()); wxMessageBox(to_uc(ex.user_message())); } catch (std::exception& ex) { *flog << LLOCATION; *flog << ex.what(); locale.reset(new ksi_cafe::xml_lang_t()); wxMessageBox(to_uc(ex.what())); } catch (...) { *flog << ERROR_IN_LOCATION; wxMessageBox(to_uc(ERROR_IN_LOCATION)); wxExit(); return false; } *flog << "app_version = " + version::version; wx_window_ptr<auth_f> auth (new auth_f(0, to_uc(version::product) + _(" v") + to_uc(version::version), locale->get("auth_f", "login_message_lb1", "Swipe your magnetic card to sign in"), locale->get("auth_f", "login_message_lb2", "Type your login and password"))); auth->set_login(config->get("last_auth", "login")); auth->set_host(config->get("last_auth", "host")); wxIcon cashierIco; cashierIco.CopyFromBitmap(CashierBitmapsFunc(0)); auth->SetIcon(cashierIco); // To Set App Icon wxBitmap splash_bitmap = CashierBitmapsFunc(8); { wxMemoryDC splashDC; splashDC.SelectObject(splash_bitmap); wxString text = _("v")+to_uc(version::version); int text_len = splashDC.GetTextExtent(text).x; splashDC.DrawText(text, splashDC.GetSize().GetWidth()-text_len - 20, splashDC.GetSize().GetHeight()/2); splashDC.SelectObject( wxNullBitmap ); } wx_window_ptr<wxSplashScreen> splash (new wxSplashScreen(splash_bitmap, wxSPLASH_CENTRE_ON_SCREEN|wxSPLASH_NO_TIMEOUT, 6000, NULL, -1, wxDefaultPosition, wxDefaultSize, wxSIMPLE_BORDER)); for (;;) { splash->Hide(); int result = auth->ShowModal(); if (result == wxID_OK) { splash->Show(); std::auto_ptr<ksi_client::oracle_session_i> session_ptr = ksi_client::create_session(); try { session_ptr->connect(auth->login_mb(), auth->password_mb(), auth->host_mb(), auth->sid_mb(), auth->port_mb()); server_host = auth->host_mb() + ":" + boost::lexical_cast<std::string>(auth->port_mb()) + ":" + auth->sid_mb(); ksi_cafe::session.reset(session_ptr.release()); break; } catch (ksi_client::connection_problem_exception& ex) { *flog << ex.what(); wxMessageBox(to_uc(ex.what())); } catch (ksi_client::db_exception& ex) { *flog << ex.what(); wxMessageBox(shared_locale->get("db_exception", ex.userFriendly().first, ex.userFriendly().second)); } catch (ksi_client::ksi_exception& ex) { *flog << ex.what(); wxMessageBox(to_uc(ex.what())); } catch (std::exception& ex) { *flog << LLOCATION; *flog << ex.what(); wxMessageBox(to_uc(ex.what())); } catch (...) { *flog << ERROR_IN_LOCATION; wxMessageBox(to_uc(ERROR_IN_LOCATION)); } } else if (result == wxID_CANCEL) { splash->Close(); return true; } } *flog << "Current USER = "******"last_auth", "login", auth->login_mb()); config->set("last_auth", "host", server_host); auth.reset(); if (config->get("ext", "mode") == "1") { try { *flog << "ext_mode=1"; std::vector<std::string> mac_vec = get_mac(); std::auto_ptr<ksi_client::oracle_query_i> query = ksi_cafe::session->create_query(); int successful = -1; std::string mac = ""; for (size_t i=0; i<mac_vec.size(); ++i) { query->create_statement ( "select ksi.SEANCE_EXIST('" + mac_vec[i] + "') from dual" ); query->execute_statement(); int res = static_cast<int>(boost::get<double>(query->get(0))); if (res == 0) { // not exist mac = mac_vec[i]; successful = 0; break; } else if (res == 1) { // exist mac = mac_vec[i]; successful = 1; break; } else if (res == -1) { // error successful = -1; } } if (successful == 0 && mac != "") { // not exist *flog << "seance not exist"; std::auto_ptr<ksi_client::oracle_query_i> query = ksi_cafe::session->create_query(); query->create_statement ( "begin ksi.CREATE_SESSION('" + mac + "'); end;" ); query->execute_statement(); /*begin work*/ if ((to_uc(config->get("printer", "source")).MakeUpper() == _("LOCAL")) && (to_uc(config->get("printer", "command_set")).MakeUpper() == _("FISCAL REGISTRAR"))) { //com_t com(config->get("printer", "port"), boost::lexical_cast<int>(config->get("printer", "baud_rate")), 3); //fiscal::registrator_t registrar(com); ksi_cafe::session->commit(); } else wxMessageBox(_("Bad config")); ksi_cafe::session->rollback(); /*end work*/ } else if (successful = 1 && mac != "") { // exist *flog << "seance exist"; } else { // error *flog << "seace error"; wxMessageBox(_("This terminal is not registered on the shift or the shift is not running.")); wxExit(); return false; } } catch (exception_t& ex) { *flog << LLOCATION; *flog << ex.comp_message(); bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ex.what())); wxMessageBox(to_uc(ex.comp_message())); wxExit(); return false; } catch (ksi_client::db_exception& ex) { *flog << LLOCATION; *flog << ex.what(); bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ex.what())); wxMessageBox(shared_locale->get("db_exception", ex.userFriendly().first, ex.userFriendly().second)); wxExit(); return false; } catch (ksi_client::ksi_exception& ex) { *flog << LLOCATION; *flog << ex.what(); bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ex.what())); wxMessageBox(to_uc(ex.what())); wxExit(); return false; } catch (fiscal::exception& ex) { *flog << LLOCATION; *flog << ex.what(); bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ex.what())); wxMessageBox(to_uc(ex.what())); wxExit(); return false; } catch (std::exception& ex) { *flog << LLOCATION; *flog << ex.what(); bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ex.what())); wxMessageBox(to_uc(ex.what())); wxExit(); return false; } catch (...) { *flog << ERROR_IN_LOCATION; bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ERROR_IN_LOCATION)); wxMessageBox(to_uc(ERROR_IN_LOCATION)); wxExit(); return false; } } try { cashier_f* cashier = new cashier_f(0); cashier->SetIcon(cashierIco); if (config->get("resolution", "stay_on_top") == "0" || to_uc(config->get("resolution", "stay_on_top")).MakeUpper() == _("OFF")) { } else { cashier->SetWindowStyle(wxSTAY_ON_TOP|wxTAB_TRAVERSAL); } if (config->get("resolution", "auto") == "1" || to_uc(config->get("resolution", "auto")).MakeUpper() == _("ON")) { cashier->ShowFullScreen(true); } else cashier->Show(); splash->Close(); } catch (exception_t& ex) { *flog << LLOCATION; *flog << ex.comp_message(); bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ex.what())); wxMessageBox(to_uc(ex.user_message())); wxExit(); return false; } catch (ksi_client::ksi_exception& ex) { *flog << LLOCATION; *flog << ex.what(); bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ex.what())); wxMessageBox(to_uc(ex.what())); wxExit(); return false; } catch (std::exception& ex) { *flog << LLOCATION; *flog << ex.what(); bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ex.what())); wxMessageBox(to_uc(ex.what())); wxExit(); return false; } catch (...) { *flog << ERROR_IN_LOCATION; bag_spooler->send_bag(bag_record_t(0, app_id, version::version, ERROR_IN_LOCATION)); wxMessageBox(to_uc(ERROR_IN_LOCATION)); wxExit(); return false; } splash->Close(); return true; }
/* Brute force all possible WPS pins for a given access point */ void crack() { unsigned char *bssid = NULL; char *pin = NULL; int fail_count = 0, loop_count = 0, sleep_count = 0, assoc_fail_count = 0; float pin_count = 0; time_t start_time = 0; enum wps_result result = 0; /* MAC CHANGER VARIABLES */ int mac_changer_counter = 0; char mac[MAC_ADDR_LEN] = { 0 }; unsigned char mac_string [] = "ZZ:ZZ:ZZ:ZZ:ZZ:ZZ"; unsigned char* new_mac = &mac_string[0]; char last_digit = '0'; if(!get_iface()) { return; } if(get_max_pin_attempts() == -1) { cprintf(CRITICAL, "[X] ERROR: This device has been blacklisted and is not supported.\n"); return; } /* Initialize network interface */ set_handle(capture_init(get_iface())); if(get_handle() != NULL) { generate_pins(); /* Restore any previously saved session */ if(get_static_p1() == NULL) { restore_session(); } /* Convert BSSID to a string */ bssid = mac2str(get_bssid(), ':'); /* * We need to get some basic info from the AP, and also want to make sure the target AP * actually exists, so wait for a beacon packet */ cprintf(INFO, "[+] Waiting for beacon from %s\n", bssid); read_ap_beacon(); process_auto_options(); /* I'm fairly certian there's a reason I put this in twice. Can't remember what it was now though... */ if(get_max_pin_attempts() == -1) { cprintf(CRITICAL, "[X] ERROR: This device has been blacklisted and is not supported.\n"); return; } /* This initial association is just to make sure we can successfully associate */ while(!reassociate()) { if(assoc_fail_count == MAX_ASSOC_FAILURES) { assoc_fail_count = 0; cprintf(CRITICAL, "[!] WARNING: Failed to associate with %s (ESSID: %s)\n", bssid, get_ssid()); } else { assoc_fail_count++; } } cprintf(INFO, "[+] Associated with %s (ESSID: %s)\n", bssid, get_ssid()); /* Used to calculate pin attempt rates */ start_time = time(NULL); /* If the key status hasn't been explicitly set by restore_session(), ensure that it is set to KEY1_WIP */ if(get_key_status() <= KEY1_WIP) { set_key_status(KEY1_WIP); } /* * If we're starting a session at KEY_DONE, that means we've already cracked the pin and the AP is being re-attacked. * Re-set the status to KEY2_WIP so that we properly enter the main cracking loop. */ else if(get_key_status() == KEY_DONE) { set_key_status(KEY2_WIP); } //copy the current mac to the new_mac variable for mac changer if (get_mac_changer() == 1) { strncpy(new_mac, mac2str(get_mac(), ':'), 16); } /* Main cracking loop */ for(loop_count=0, sleep_count=0; get_key_status() != KEY_DONE; loop_count++, sleep_count++) { //MAC Changer switch/case to define the last mac address digit if (get_mac_changer() == 1) { switch (mac_changer_counter) { case 0: last_digit = '0'; break; case 1: last_digit = '1'; break; case 2: last_digit = '2'; break; case 3: last_digit = '3'; break; case 4: last_digit = '4'; break; case 5: last_digit = '5'; break; case 6: last_digit = '6'; break; case 7: last_digit = '7'; break; case 8: last_digit = '8'; break; case 9: last_digit = '9'; break; case 10: last_digit = 'A'; break; case 11: last_digit = 'B'; break; case 12: last_digit = 'C'; break; case 13: last_digit = 'D'; break; case 14: last_digit = 'E'; break; case 15: last_digit = 'F'; mac_changer_counter = -1; break; } mac_changer_counter++; new_mac[16] = last_digit; //transform the string to a MAC and define the MAC str2mac((unsigned char *) new_mac, (unsigned char *) &mac); set_mac((unsigned char *) &mac); cprintf(WARNING, "[+] Using MAC %s \n", mac2str(get_mac(), ':')); } /* * Some APs may do brute force detection, or might not be able to handle an onslaught of WPS * registrar requests. Using a delay here can help prevent the AP from locking us out. */ pcap_sleep(get_delay()); /* Users may specify a delay after x number of attempts */ if((get_recurring_delay() > 0) && (sleep_count == get_recurring_delay_count())) { cprintf(VERBOSE, "[+] Entering recurring delay of %d seconds\n", get_recurring_delay()); pcap_sleep(get_recurring_delay()); sleep_count = 0; } /* * Some APs identify brute force attempts and lock themselves for a short period of time (typically 5 minutes). * Verify that the AP is not locked before attempting the next pin. */ while(get_ignore_locks() == 0 && is_wps_locked()) { cprintf(WARNING, "[!] WARNING: Detected AP rate limiting, waiting %d seconds before re-checking\n", get_lock_delay()); pcap_sleep(get_lock_delay()); } /* Initialize wps structure */ set_wps(initialize_wps_data()); if(!get_wps()) { cprintf(CRITICAL, "[-] Failed to initialize critical data structure\n"); break; } /* Try the next pin in the list */ pin = build_next_pin(); if(!pin) { cprintf(CRITICAL, "[-] Failed to generate the next payload\n"); break; } else { cprintf(WARNING, "[+] Trying pin %s\n", pin); } /* * Reassociate with the AP before each WPS exchange. This is necessary as some APs will * severely limit our pin attempt rate if we do not. */ assoc_fail_count = 0; while(!reassociate()) { if(assoc_fail_count == MAX_ASSOC_FAILURES) { assoc_fail_count = 0; cprintf(CRITICAL, "[!] WARNING: Failed to associate with %s (ESSID: %s)\n", bssid, get_ssid()); } else { assoc_fail_count++; } } /* * Enter receive loop. This will block until a receive timeout occurs or a * WPS transaction has completed or failed. */ result = do_wps_exchange(); switch(result) { /* * If the last pin attempt was rejected, increment * the pin counter, clear the fail counter and move * on to the next pin. */ case KEY_REJECTED: fail_count = 0; pin_count++; advance_pin_count(); break; /* Got it!! */ case KEY_ACCEPTED: break; /* Unexpected timeout or EAP failure...try this pin again */ default: cprintf(VERBOSE, "[!] WPS transaction failed (code: 0x%.2X), re-trying last pin\n", result); fail_count++; break; } /* If we've had an excessive number of message failures in a row, print a warning */ if(fail_count == WARN_FAILURE_COUNT) { cprintf(WARNING, "[!] WARNING: %d failed connections in a row\n", fail_count); fail_count = 0; pcap_sleep(get_fail_delay()); } /* Display status and save current session state every DISPLAY_PIN_COUNT loops */ if(loop_count == DISPLAY_PIN_COUNT) { save_session(); display_status(pin_count, start_time); loop_count = 0; } /* * The WPA key and other settings are stored in the globule->wps structure. If we've * recovered the WPS pin and parsed these settings, don't free this structure. It * will be freed by wpscrack_free() at the end of main(). */ if(get_key_status() != KEY_DONE) { wps_deinit(get_wps()); set_wps(NULL); } /* If we have cracked the pin, save a copy */ else { set_pin(pin); } free(pin); pin = NULL; /* If we've hit our max number of pin attempts, quit */ if((get_max_pin_attempts() > 0) && (pin_count == get_max_pin_attempts())) { cprintf(VERBOSE, "[+] Quitting after %d crack attempts\n", get_max_pin_attempts()); break; } } if(bssid) free(bssid); if(get_handle()) { pcap_close(get_handle()); set_handle(NULL); } } else { cprintf(CRITICAL, "[-] Failed to initialize interface '%s'\n", get_iface()); } }